Vulnerability Details CVE-2023-45601
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.3%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2023-45601
-
cpe:2.3:a:siemens:parasolid:35.0
-
cpe:2.3:a:siemens:parasolid:35.0.161
-
cpe:2.3:a:siemens:parasolid:35.0.164
-
cpe:2.3:a:siemens:parasolid:35.0.170
-
cpe:2.3:a:siemens:parasolid:35.0.253
-
cpe:2.3:a:siemens:parasolid:35.0.260
-
cpe:2.3:a:siemens:parasolid:35.1
-
cpe:2.3:a:siemens:parasolid:35.1.150
-
cpe:2.3:a:siemens:parasolid:35.1.184
-
cpe:2.3:a:siemens:parasolid:35.1.246
-
cpe:2.3:a:siemens:parasolid:36.0
-
cpe:2.3:a:siemens:parasolid:36.0.142
-
cpe:2.3:a:siemens:parasolid:36.0.156
-
cpe:2.3:a:siemens:tecnomatix:2201
-
cpe:2.3:a:siemens:tecnomatix:2201.0008
-
cpe:2.3:a:siemens:tecnomatix:2302
-
cpe:2.3:a:siemens:tecnomatix:2302.0002